Need Advice! - Hard Drive Destruction

Gold Refining Forum

Cordless drill. Drill a 3/8 inch hole (or bigger) through the hard drive, including the platters, and it is destroyed for all intents and purposes. You can remove the board at your leisure.
 
I use a Ramset nail gun to drive a 1" nail through each drive. Goes pretty fast with minimal initial investment. Nails and loads do cost a little but this is the fastest and cheapest method I have found.
 
lont1963 said:
Hello,


What is some good software to wipe a hard drive when the Feds come knocking quickly?

I used to have a system that had thermite situated so it would melt through the cover and the platters.

This was in the days of easy software piracy. I had probably a 1/4 of a million in engineering software and was foolish enough to think the feds cared of such things.

Now anything on my computer has records of me downloading it on fifteen other servers throughout the world...and even if there were things on my computer that could get me in trouble, the feds still have more pressing matters.
 
Not sure if this attachment will work, but here is an idea I was toying with to pop holes thru hard drives. Put the hard drive into the slot and whack it with a hammer. The spring returns the punch to the open position.
I had originally thought to just hit the top rod with a hammer, but if one had a handy machine like that press there, you could just put this in there and use it to press down.
 

Attachments

  • HOLE POKER.PDF
    463.4 KB · Views: 13
Some covers are very thick stainless steel, some with an extra layer over the discs.
I guess you could go through the back on those.
 
I'm in the IT field and I've worked in high-availability/high security environments. I've had occasion to speak directly with people that perform data recovery from damaged or "erased" hard drives.

Methods in use and their efficacy:

Software:
Single or double pass full over-writes: Don't waste your time.

Full data writes with 7 or more passes: Works but nobody will guarantee it.

Physical:

Punching a hole, bending or scratching the surfaces of a platter: Unless you get most of all of the surfaces, data can be easily recovered by professionals. Do not trust these methods.

Full destruction: Metal shredder, acid bath or melting. This works reliably but it can be expensive.

Magnetic: A strong magnet (neodymium), wiped directly over the entire platter surface. I've yet to hear of successful recovery after this was done. Fast and cheap but you must be thorough. Good method but hard to validate or audit.

I dispose of ours through a company that documents each drive as it goes through a mechanical shredder. There is no other way that meets audit standards.
 
Arbentor said:
I'm in the IT field and I've worked in high-availability/high security environments. I've had occasion to speak directly with people that perform data recovery from damaged or "erased" hard drives.

Methods in use and their efficacy:

Software:
Single or double pass full over-writes: Don't waste your time.

Full data writes with 7 or more passes: Works but nobody will guarantee it.

Physical:

Punching a hole, bending or scratching the surfaces of a platter: Unless you get most of all of the surfaces, data can be easily recovered by professionals. Do not trust these methods.

Full destruction: Metal shredder, acid bath or melting. This works reliably but it can be expensive.

Magnetic: A strong magnet (neodymium), wiped directly over the entire platter surface. I've yet to hear of successful recovery after this was done. Fast and cheap but you must be thorough. Good method but hard to validate or audit.

I dispose of ours through a company that documents each drive as it goes through a mechanical shredder. There is no other way that meets audit standards.

Well whose standards are you talking about? NIST 800-88 r1 states degaussing by an approved degausser and then crushing or bending meets their standards. You must use a DOD/NSA approved degausser to degauss the drives. Most degaussers are not approved.
 
If you are under government contract, I can understand total destruction. I have acquired lots from the Army Material Acquisition Command at Redstone Arsenal in Huntsville, AL that required onsite destruction and there had to be an army liaison present to assure destruction before it left. Other than that, most scrappers are going to be working with the general population and short of tax fraud, ID theft or nudie pictures of someone's wife, there's not going to be military secrets or life altering info stored on a home computer. In the everyday real world, a three pound hammer should do the job nicely even if it is a bit loud.
 
Geo said:
If you are under government contract, I can understand total destruction. I have acquired lots from the Army Material Acquisition Command at Redstone Arsenal in Huntsville, AL that required onsite destruction and there had to be an army liaison present to assure destruction before it left. Other than that, most scrappers are going to be working with the general population and short of tax fraud, ID theft or nudie pictures of someone's wife, there's not going to be military secrets or life altering info stored on a home computer. In the everyday real world, a three pound hammer should do the job nicely even if it is a bit loud.

It's honestly not even necessary to do the three pound hammer route. Just strip the board, sell the rest to a shredder. The identity thief that is good enough to replace the board and recover the data has MUCH easier targets to go after.

There's few of us that need to worry about such. Even the big buyers are now reselling the best hard drives to refurbishers after reformatting, and they have insurance companies willing to cover the risk involved.

I was surprised when I learned this, but it makes sense.
 
silversaddle1 said:
Arbentor said:
I'm in the IT field and I've worked in high-availability/high security environments. I've had occasion to speak directly with people that perform data recovery from damaged or "erased" hard drives.

Methods in use and their efficacy:

Software:
Single or double pass full over-writes: Don't waste your time.

Full data writes with 7 or more passes: Works but nobody will guarantee it.

Physical:

Punching a hole, bending or scratching the surfaces of a platter: Unless you get most of all of the surfaces, data can be easily recovered by professionals. Do not trust these methods.

Full destruction: Metal shredder, acid bath or melting. This works reliably but it can be expensive.

Magnetic: A strong magnet (neodymium), wiped directly over the entire platter surface. I've yet to hear of successful recovery after this was done. Fast and cheap but you must be thorough. Good method but hard to validate or audit.

I dispose of ours through a company that documents each drive as it goes through a mechanical shredder. There is no other way that meets audit standards.

Well whose standards are you talking about? NIST 800-88 r1 states degaussing by an approved degausser and then crushing or bending meets their standards. You must use a DOD/NSA approved degausser to degauss the drives. Most degaussers are not approved.

Technically, you are correct. Pragmatically, I haven't engaged with any companies using this methodology. Your experience may be different.

I'm not trying to mislead anyone. Just providing a pragmatic perspective (my viewpoint) on what works and what might be risky.

If I were destroying "random" hard drives I would degauss.

Taking hard drives for destruction from a large merchant, bank or some other data aggregator (like the company I work for) is a whole different ballgame where the equipment to do the job is only a small part of the cost. Building auditable, reliable processes and good record keeping is very expensive as are the audits themselves.

Government/Military is another level beyond that.

Side note: This is a short term problem. "Spinning Platter" hard drives are going away like VHS video and 8-Track tapes did many years ago.
 
Geo said:
If you are under government contract, I can understand total destruction. I have acquired lots from the Army Material Acquisition Command at Redstone Arsenal in Huntsville, AL that required onsite destruction and there had to be an army liaison present to assure destruction before it left. Other than that, most scrappers are going to be working with the general population and short of tax fraud, ID theft or nudie pictures of someone's wife, there's not going to be military secrets or life altering info stored on a home computer. In the everyday real world, a three pound hammer should do the job nicely even if it is a bit loud.

This is a great way of making that distinction. I'm a little more "risk averse" so I would want to degauss first before whacking the platters.
 
Under European GDPR legislation the hammer route doesn't cut the mustard and with no offense intended the US is years behind Europe in the protection of personal data. But mark my words the time will come when all the free IT collections will cease there too.

You guys need to be innovative and get ahead of the curve and offer a proper service.

I'm typing this from my hotel room having destroyed over 5000 drives for a bank this weekend. The 42 tonnes of servers that came with, formed part of the deal so think on that and you'll be able to be ahead of the US bandwagon rather than watching it pass you.
 
anachronism said:
Under European GDPR legislation the hammer route doesn't cut the mustard and with no offense intended the US is years behind Europe in the protection of personal data. But mark my words the time will come when all the free IT collections will cease there too.

You guys need to be innovative and get ahead of the curve and offer a proper service.

I'm typing this from my hotel room having destroyed over 5000 drives for a bank this weekend. The 42 tonnes of servers that came with, formed part of the deal so think on that and you'll be able to be ahead of the US bandwagon rather than watching it pass you.

It's not that the US is without regulation, only that it is without pre-emptive enforcement, a serious data breach by a small time operation will end with prosecution. My guess is that the prosecution, likely by the FBI since it is sure to be crossing state lines at some point, which also means that the operation will end up with an IRS audit, depending upon the amount of people screaming for blood. The regulations are state specific, but do exist. There are plenty of operations offering a proper service, with liability insurance in place to cover missteps.

Your operation is considerably larger than almost anyone who posts on this forum. Those operations that are of the same size as you, offer the same services, and they charge for them just as you do. It's not a curve that most can begin to understand. It's also not a field that is easy to enter in to. There's a lot of homework to be done.

I think this is a common misunderstanding. The guys that are making it, backing their pickup truck up to a loading dock and making off with a couple hundred in scrap...they aren't doing it because they are operating within regulations. They aren't state approved electronic recyclers. They aren't RIOS certified.
They don't have their paperwork or their procedures in place to be ISO certified. They haven't paid any municipal bonding. They have NOTHING to lose. As such, they aren't within range of affordable liability insurance. They are doing it because the operations manager of that particular company is likely lazy, and doesn't care enough to do their due diligence to see that they are disposing of their own data according to the law. (the law in this case is largely dictated by tax code and labor code)
 
Huntsville, AL is the technology hub in the south. If it is security related, there are plenty of companies here to take care of it.
 
snoman701 said:
anachronism said:
Under European GDPR legislation the hammer route doesn't cut the mustard and with no offense intended the US is years behind Europe in the protection of personal data. But mark my words the time will come when all the free IT collections will cease there too.

You guys need to be innovative and get ahead of the curve and offer a proper service.

I'm typing this from my hotel room having destroyed over 5000 drives for a bank this weekend. The 42 tonnes of servers that came with, formed part of the deal so think on that and you'll be able to be ahead of the US bandwagon rather than watching it pass you.

It's not that the US is without regulation, only that it is without pre-emptive enforcement, a serious data breach by a small time operation will end with prosecution. My guess is that the prosecution, likely by the FBI since it is sure to be crossing state lines at some point, which also means that the operation will end up with an IRS audit, depending upon the amount of people screaming for blood. The regulations are state specific, but do exist. There are plenty of operations offering a proper service, with liability insurance in place to cover missteps.

Your operation is considerably larger than almost anyone who posts on this forum. Those operations that are of the same size as you, offer the same services, and they charge for them just as you do. It's not a curve that most can begin to understand. It's also not a field that is easy to enter in to. There's a lot of homework to be done.

I think this is a common misunderstanding. The guys that are making it, backing their pickup truck up to a loading dock and making off with a couple hundred in scrap...they aren't doing it because they are operating within regulations. They aren't state approved electronic recyclers. They aren't RIOS certified.
They don't have their paperwork or their procedures in place to be ISO certified. They haven't paid any municipal bonding. They have NOTHING to lose. As such, they aren't within range of affordable liability insurance. They are doing it because the operations manager of that particular company is likely lazy, and doesn't care enough to do their due diligence to see that they are disposing of their own data according to the law.
(the law in this case is largely dictated by tax code and labor code)

I can find so many things wrong with this statement, I don't even know where to begin. :eek:
 
silversaddle1 said:
snoman701 said:
anachronism said:
Under European GDPR legislation the hammer route doesn't cut the mustard and with no offense intended the US is years behind Europe in the protection of personal data. But mark my words the time will come when all the free IT collections will cease there too.

You guys need to be innovative and get ahead of the curve and offer a proper service.

I'm typing this from my hotel room having destroyed over 5000 drives for a bank this weekend. The 42 tonnes of servers that came with, formed part of the deal so think on that and you'll be able to be ahead of the US bandwagon rather than watching it pass you.

It's not that the US is without regulation, only that it is without pre-emptive enforcement, a serious data breach by a small time operation will end with prosecution. My guess is that the prosecution, likely by the FBI since it is sure to be crossing state lines at some point, which also means that the operation will end up with an IRS audit, depending upon the amount of people screaming for blood. The regulations are state specific, but do exist. There are plenty of operations offering a proper service, with liability insurance in place to cover missteps.

Your operation is considerably larger than almost anyone who posts on this forum. Those operations that are of the same size as you, offer the same services, and they charge for them just as you do. It's not a curve that most can begin to understand. It's also not a field that is easy to enter in to. There's a lot of homework to be done.

I think this is a common misunderstanding. The guys that are making it, backing their pickup truck up to a loading dock and making off with a couple hundred in scrap...they aren't doing it because they are operating within regulations. They aren't state approved electronic recyclers. They aren't RIOS certified.
They don't have their paperwork or their procedures in place to be ISO certified. They haven't paid any municipal bonding. They have NOTHING to lose. As such, they aren't within range of affordable liability insurance. They are doing it because the operations manager of that particular company is likely lazy, and doesn't care enough to do their due diligence to see that they are disposing of their own data according to the law.
(the law in this case is largely dictated by tax code and labor code)

I can find so many things wrong with this statement, I don't even know where to begin. :eek:
So lay it all out for the readers.

You have posted a picture of an obsolete press that would cost more to get upgraded to meet OSHA requirements than a small hard drive shredder costs....and you are happy to find fault with other posters, but really don't contribute otherwise.

What I know is that in my dealings in escrap, I know of two operators that will not sell me hard drives on a cash/market basis. One is a small computer store who prefers to destroy them himself. The other runs a data disposal company. In his words, "if my underwriters audited the drive disposal logs, I'd lose my coverage".

But that's for my measly little operation where I'm moving a thousand pounds of good boards a month.

I can't grow more until I'm in commercial space, and then there are a dozen little guys and a few big guys within 50 miles that are all competing for the same medium size contracts.

These are $100k+ contracts. Not haulaway jobs.

You want contracts like what Jon is talking about, you have to have an operation with something to lose.

 
I'm not sure why people think someone has to be "of a certain size" to do certain things or to think in a particular way. Thinking in a certain way is what makes it possible to be of a "particular size."

Upon joining the forum in 2012 I didn't do any of this kind of work. Anyone can build something and that was the point of my hurried post.

Enjoy guys it was all meant in a good way. 8)

Edit for context and typo.
 